1. Home
  2. Categories

Categories

  • Announcements regarding our community

    Release
    91
    Topics
    138
    Posts

    A

    Hey, are you interested in learning more about JSON Web Tokens and how to protect your APIs with them?

    Join my talk hosted by the great peeps at Gun.io!

    https://www.meetup.com/gundotio/events/302264818/

  • Connect with other community members to discuss CIAM, architecture, app development, and more.

    561
    Topics
    1.8k
    Posts

    mark.robustelliM

    @john-spellman, Can you let us a bit more about how you created the key? Which option did you choose to import? Which certificate type did you use? You could try different types.

    Anything you can tell us about which Identity Provider you created and what the architecture looks like will help. Is FusionAuth the IdP/SP or both?

    Also, If you can share the settings of you SAML tab for the application (without sharing secrets), that may give us some insight to the issue as well, if you are using FusionAuth as an IdP.

    I don't have a ton of experience with importing certificates, so if anyone out there knows better, please feel free to chime in.

    I have set up a key for a SAML provider before and using an RSA/RS256 type key. I generated that key with FusionAuth, but I don't see any reason you couldn't import the key you need.

    You may want to check out this blog to test a simple SAML configuration if your situation reflects the setup.

  • Share your tips and feedback with FusionAuth and the FusionAuth community.

    86
    Topics
    284
    Posts

    T

    @yuriy-barvenko Ok, I'm in the same boat, but I think it is most likely the database back-end. Reason being, I migrated our database from the docker instance to a stand alone instance of PostgreSQL and I immediately noticed some performance degradation.

    I'm running version 1.55.1 of FusionAuth and PostgreSQL version 14. There are documented performance improvements in both FusionAuth and PostgreSQL. I'll be updating my version of PostgreSQL and will report back.

  • You've got questions? We've got answers.

    1.6k
    Topics
    4.9k
    Posts

    danD

    By using a proxy or gateway that supports mutual TLS, you can use it with FusionAuth.

    For example, AWS ALB supports Mutual TLS verify where the ALB does client certificate verification. Nginx has similar functionality.

    If you are running FusionAuth 'bare' and terminating TLS directly at the FusionAuth server, mutual TLS is not supported.

  • Share and discuss community blog posts.

    169
    Topics
    190
    Posts

  • A read-only knowledge base of questions asked and answered about FusionAuth.

    9
    Topics
    18
    Posts

    W

    Existing Role Limitations in FusionAuth FusionAuth provides predefined Admin UI roles, which are not modifiable. You can review the available roles here:
    FusionAuth Admin UI Roles The default FusionAuth application roles cannot be changed, which means read-only roles are not currently available. Requesting Read-Only Roles as a Feature FusionAuth does not currently support read-only access roles for applications or tenants. The likely reason for this is that users who need to view application/tenant properties often also need to update them. However, you can submit a feature request to suggest adding read-only roles:
    Submit a Feature Request Workaround: Implement a Custom Read-Only View

    If immediate read-only access is required, consider:

    Using the FusionAuth APIs to create a custom dashboard where users can view but not edit data. Relevant APIs for this purpose: Application API Tenant API

    Summary

    No built-in read-only roles exist for applications or tenants. FusionAuth Admin UI roles are not modifiable. You can request read-only roles as a feature via GitHub. A workaround is to build a custom, API-based read-only view.

  • Connect with people who can help you with FusionAuth projects.

    13
    Topics
    15
    Posts